Regarding Issue with generating authorization code for READER SDK

Hi,

First of all web are using a account as a marketplace for developer access. Where sellers are authorizing for mobile sdk token generate permssion using this api flow:

After completing this flow we are getting access token for generation Mobile auth code for that seller. We are asking seller to provide their location id:

After that we are using this api:

Build with the Mobile Authorization API

by using received access token from oAuth and location id shared by seller.

Which is providing us mobile authorization code that we are using for authorize Reader sdk.

But when we are authorising with received mobile authorization code SDK throwing an error like attached below screenshot:

So, please us know what’s we are doing wrong.

Here is some attached curl requests:

This url is for requesting oauth by seller. 
   "https://connect.squareup.com/oauth2/authorize?client_id=<Developer client id>&scope=PAYMENTS_WRITE_IN_PERSON&redirect_uri=redirect_url&code_challenge=<code_challenge>";

Then this one to get access token for generating mobile auth code for that seller:

curl https://connect.squareup.com/oauth2/token \
  -X POST \
  -H 'Square-Version: 2022-04-20' \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "<YOUR_APPLICATION_ID>",
    "grant_type": "authorization_code",
    "redirect_uri": "<THE REDIRECT URL>",
    "code": "<THE_AUTHORIZATION_CODE_YOU_WERE_GIVEN>",
    "code_verifier":"<THE CODE_VERIFIER YOU CREATED>"
      }'

Which is returning output something like this:

{
    "access_token": "xxxxxxxx",
    "token_type": "bearer",
    "expires_at": "2024-02-14T16:54:02Z",
    "merchant_id": "yyyyyy",
    "refresh_token": "xxxxxxxxxxxxxxx",
    "short_lived": false,
    "refresh_token_expires_at": "2024-04-14T16:53:31Z"
}

Then hitting this api curl to generate mobile auth code:

curl https://connect.squareup.com/mobile/authorization-code \
  -X POST \
  -H 'Square-Version: 2024-01-18' \
  -H 'Authorization: Bearer {ACCESS_TOKEN}' \
  -H 'Content-Type: application/json' \
  -d '{
    "location_id": "{LOCATION ID}"
  }'

Which is returning output like below:

[authorization_code] => sq0acp-Yss2W_pagj9jsI8wCjzpcnsdHwgfyvIyxg97CzQiQO0
[expires_at] => 2024-01-15T17:55:31Z

Then when authorizing with this code we are getting above error screenshot shared.

Awaiting your solution.

Thanks

2 posts - 2 participants

Read full topic